Nmap Development mailing list archives
Re: Parsing nmap XML (OS Fingerprint part)
From: "Lawrence Waterhouse" <lawrence.waterhouse () gmail com>
Date: Thu, 23 Aug 2007 14:53:05 -0400
They are two type of script: host script 'belong_to' a host so it would need the proper host_fk to link them to this host. port script 'belong_to' a port and would need the proper port_fk to link them to this port. Output is very simple the id of the script and his output, he is an example <port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="ssh" method="table" conf="3" /><script id="Stealth SSH version" output="SSH-1.99-OpenSSH_3.6.1p2" /><script id="SSH Protocol Version 1" output="Server supports SSHv1" /></port> <port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="http" method="table" conf="3" /><script id="HTML title" output="Apache HTTP Server Test Page powered by CentOS" /></port> host script output are simply in <host><script/> tag Someone can probably explain this better than me but you should get the picture ;) On 8/23/07, Guilherme Polo <ggpolo () gmail com> wrote:
2007/8/23, Lawrence Waterhouse <lawrence.waterhouse () gmail com>:Yes the NSE script output ! <script id="HTML title" output="Apache HTTP Server Test Page powered by CentOS" /> I am not too familiar with your schema but i believe a 'host_script' and 'port_script' table with a 'id' and 'output' fields and of course the required FK's would do the job ;)Yes, seems easy to add this feature. Required fk would be just a fk_scan it seems I'm not much familiar on NSE scripts output yetOn 8/23/07, Guilherme Polo <ggpolo () gmail com> wrote:2007/8/23, Lawrence Waterhouse <lawrence.waterhouse () gmail com>:Excellent news ! Would be nice to include the host/port scripts output in the sql schema. All they store in the XML output 'id' and 'output' so i guess this would be pretty simple to add.What host/port scripts output ? Is this related to NSE ? Explain please ;) I'm accepting changes, suggestions, and etc of course.On 8/23/07, Guilherme Polo <ggpolo () gmail com> wrote:2007/8/23, Lawrence Waterhouse <lawrence.waterhouse () gmail com>:I mean merged into 'official release', i am still looking at the code, will mess with it in a few hours.Adriano told me it would happen in like 2 or 3 weeks, but I'm not really sure yet.Might write some kind of quick-and-dirty django app for it On 8/23/07, Guilherme Polo <ggpolo () gmail com> wrote:2007/8/23, Lawrence Waterhouse <lawrence.waterhouse () gmail com>:Wow Your schema is much more evolved than mine, mine was using Elixir wrapper for SQLAlchemy(http://elixir.ematia.de) is there any ETA for the UmitDB part ?It is working already, I use it to do basically everything I need to do in Network Inventory I've done for Umit too (my branch, again) Or maybe I misunderstood ETA (Estimated Time to Arrive) ?Excellent work ! On 8/23/07, Guilherme Polo <ggpolo () gmail com> wrote:2007/8/23, Lawrence Waterhouse <lawrence.waterhouse () gmail com>:Thanks for the reply, I am looking at your sax based parser right now, i would like to take a look at your Python package for converting XML to database if you dont mind sharing :)It is only on my umit branch actually, you can access using svn: https://umit.svn.sourceforge.net/svnroot/umit/branch/ggpolo Inside it there is package called umitDB, that is it. You may view illustrations (diagrams) of database being used here: http://umit.svn.sourceforge.net/viewvc/*checkout*/umit/branch/umitdb/diagram/umitdb-on-delete.png?revision=1310 http://umit.svn.sourceforge.net/viewvc/*checkout*/umit/branch/umitdb/diagram/umitdb.png?revision=1290i started playing with Umit in the last few days, terrific tool ! Lawrence On 8/23/07, Guilherme Polo <ggpolo () gmail com> wrote:2007/8/23, Lawrence Waterhouse <lawrence.waterhouse () gmail com>:Hello folks, As a learning exercice i am writing a script to parse nmap XML file to database in python. I am having problem parsing the "OS fingerprint" part... consider the following XML tidbit:You may consider taking a look at NmapParser that Umit is using. Also, I've done a Python package for converting XML to database (also does some other things) using that parser._______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org-- -- Guilherme H. Polo Goncalves _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org-- -- Guilherme H. Polo Goncalves_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org-- -- Guilherme H. Polo Goncalves _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org-- -- Guilherme H. Polo Goncalves _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org-- -- Guilherme H. Polo Goncalves _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Parsing nmap XML (OS Fingerprint part), (continued)
- Re: Parsing nmap XML (OS Fingerprint part) Guilherme Polo (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Lawrence Waterhouse (Aug 23)
- Message not available
- Fwd: Parsing nmap XML (OS Fingerprint part) Guilherme Polo (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Guilherme Polo (Aug 23)
- Message not available
- Re: Parsing nmap XML (OS Fingerprint part) Lawrence Waterhouse (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Guilherme Polo (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Lawrence Waterhouse (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Guilherme Polo (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Lawrence Waterhouse (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Guilherme Polo (Aug 23)
- Re: Parsing nmap XML (OS Fingerprint part) Lawrence Waterhouse (Aug 23)